Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[eclipse.org-architecture-council] [Bug 249745] Eclipse Repository Best Practices 
https://bugs.eclipse.org/bugs/show_bug.cgi?id=249745  
Product/Component: Community / Architecture Council




--- Comment #9 from Dave Orme <djo@xxxxxxxxxxxxxxxxxxxxxxxxx>  2008-10-06 14:27:37 -0400 ---
> I guess that every other SCM will not support manipulation in the repository 
> through direct file system operations in a way that CVS allows it. There are 
> good reasons not to allow that.

For example:

Suppose someone cracks dev.eclipse.org.  Right now, they could inject a virus
or a security hole into Eclipse with a high likelihood that nobody would
notice.

This isn't just theoretical--someone tried this once with the Linux kernel, but
was caught because Bitkeeper (what Linus was using at the time) was designed so
that you can catch just this sort of thing.

Git and Mercurial are also specifically engineered to prevent this sort of
crack--they both use the SHA1 hash over the repository content to identify a
given revision.

IMO, the risk of somebody injecting malicious code without our being able to
detect it is at least as big a reputational risk to Eclipse as copyrighted code
needing to be cleaned out of the repository.


-- 
Configure bugmail: https://bugs.eclipse.org/bugs/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

Back to the top